From a43dc307c3014d70a01035313cd763ee13e9d219 Mon Sep 17 00:00:00 2001 From: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@cloudwatt.com> Date: Fri, 11 Apr 2014 19:17:47 +0000 Subject: [PATCH 2/2] Add support for QEMU migration to use SASL authentication
This commit provides the ability to virDomainMigrateToURI to check for SASL credentials when attempts to migrate a domain with the driver QEMU. Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@cloudwatt.com> --- src/qemu/qemu_migration.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c index 3d005a0..a9f7fea 100644 --- a/src/qemu/qemu_migration.c +++ b/src/qemu/qemu_migration.c @@ -4020,6 +4020,18 @@ doPeer2PeerMigrate3(virQEMUDriverPtr driver, } +static int virConnectCredType[] = { + VIR_CRED_AUTHNAME, + VIR_CRED_PASSPHRASE, +}; + + +static virConnectAuth virConnectAuthConfig = { + .credtype = virConnectCredType, + .ncredtype = ARRAY_CARDINALITY(virConnectCredType), +}; + + static int doPeer2PeerMigrate(virQEMUDriverPtr driver, virConnectPtr sconn, virDomainObjPtr vm, @@ -4053,7 +4065,7 @@ static int doPeer2PeerMigrate(virQEMUDriverPtr driver, */ qemuDomainObjEnterRemote(vm); - dconn = virConnectOpen(dconnuri); + dconn = virConnectOpenAuth(dconnuri, &virConnectAuthConfig, 0); qemuDomainObjExitRemote(vm); if (dconn == NULL) { virReportError(VIR_ERR_OPERATION_FAILED, -- 1.9.0 ----- Original Message ----- From: "Daniel P. Berrange" <berrange@redhat.com> To: "Sahid Orentino Ferdjaoui" <sahid.ferdjaoui@gmail.com> Cc: libvir-list@redhat.com, "Sahid Orentino Ferdjaoui" <sahid.ferdjaoui@cloudwatt.com> Sent: Wednesday, April 23, 2014 12:08:04 PM Subject: Re: [libvirt] [PATCH 2/2] Add support for QEMU migration to use SASL authentication On Sun, Apr 13, 2014 at 01:52:48PM +0200, Sahid Orentino Ferdjaoui wrote:
This commit provides the ability to virDomainMigrateToURI to check for SASL credentials when attempts to migrate a domain with the driver QEMU.
Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@cloudwatt.com> --- src/qemu/qemu_migration.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c index 593d2d3..e2010e0 100644 --- a/src/qemu/qemu_migration.c +++ b/src/qemu/qemu_migration.c @@ -4020,6 +4020,18 @@ doPeer2PeerMigrate3(virQEMUDriverPtr driver, }
+static int virConnectCredType[] = { + VIR_CRED_AUTHNAME, + VIR_CRED_PASSPHRASE, +}; + + +static virConnectAuth virConnectAuthConfig = { + .credtype = virConnectCredType, + .ncredtype = ARRAY_CARDINALITY(virConnectCredType), +}; + + static int doPeer2PeerMigrate(virQEMUDriverPtr driver, virConnectPtr sconn, virDomainObjPtr vm, @@ -4053,7 +4065,7 @@ static int doPeer2PeerMigrate(virQEMUDriverPtr driver, */
qemuDomainObjEnterRemote(vm); - dconn = virConnectOpen(dconnuri); + dconn = virConnectOpenAuth(dconnuri, &virConnectAuthConfig, 0); qemuDomainObjExitRemote(vm); if (dconn == NULL) { virReportError(VIR_ERR_OPERATION_FAILED,
Ok, so we don't have any way to pass in username/passwords to the migrate API, but this change does let virConnectOpenAuth lookup the passwords in the libvirt client config file, which is a reasonable thing todo I reckon, so ACK. Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|